Reply
Established Member
Posts: 2,346
Registered: ‎05-30-2012
Kudos: 790
Solutions: 30

AirRouter security non existent ?

[ Edited ]

I took a new AirRouter out of the box. Flashed it with newest firmware and installed it on a Internet connection with a public IP-address.

 

2 hours later it was hacked Mad2

 

Is it enough just to factory default reset it ? Can I be sure that system is not compromised ?

Maybe I have to reapply firmware to it ?

 

I did a scan of the public IP-address of the AirRouter. Management interface is per default open on the WAN port ?

 

Is UBNT taking security serious ? Nono

 

 

Established Member
Posts: 2,346
Registered: ‎05-30-2012
Kudos: 790
Solutions: 30

Re: AirRouter security non existent ?

Ok, this router is not for Mrs. and Mr. Jones.....

 

AirRouter WAN Network Settings 01.png

 

 

 

 

 

 

 

 

 

 

That was first thing to do....

 

What more ?

 

Should I apply firewall rules ?

New Member
Posts: 18
Registered: ‎03-22-2013
Kudos: 4
Solutions: 1

Re: AirRouter security non existent ?

"Is UBNT taking security serious ? " - Nope

 

You should be good with the "Block Management Access" on the WAN side.  Your IP will no longer be pingable, and your ports will not be open to the outside world. 

 

You will want to use a unique and long user name and password as well.

 

Pretty well stinks that Ubiquiti knew about this last fall and looks to me like they did very little to notify users until it blew up here just lately.

 

 

SuperUser
Posts: 14,335
Registered: ‎12-08-2008
Kudos: 11083
Solutions: 685
Contributions: 1

Re: AirRouter security non existent ?

[ Edited ]

@BearNPum wrote:

"Is UBNT taking security serious ? " - Nope

 

You should be good with the "Block Management Access" on the WAN side.  Your IP will no longer be pingable, and your ports will not be open to the outside world. 

 

You will want to use a unique and long user name and password as well.

 

Pretty well stinks that Ubiquiti knew about this last fall and looks to me like they did very little to notify users until it blew up here just lately.

 

 


Seriously? a year's worth of firmware updates that patched the vulnerability, and you think they weren't doing much?   This is the same nonsense as the "but they use a default password and if the user doesn't change it they can be hacked!" stupidity we've heard for months - ever install a D-Link or Linksys firewall?   One entire line of Linksys devices were hackable even with password changes, and they finally aknowledged that they would never fix the vulnerability ever, because they just didn't care.   An you think UBNT's bad?

 

It's amazing to me how many "experts" make pronouncements they know nothing about in reality - kinda like cable political pundits, actually...  Mad2

Jim

" How can anyone trust Scientists? If new evidence comes along, they change their minds! " Politician's joke (sort of...)
"Humans are allergic to change..They love to say, ‘We’ve always done it this way.’ I try to fight that. "Admiral Grace Hopper, USN, Computer Scientist
":It's not Rocket Science! - Oh wait, Actually it is... "NASA bumper sticker
":The biggest problem in tech I see right now is that most users don't want to do things that are hard. That doesn't bode well for the industry or the society.": (me. actually ;-)
New Member
Posts: 18
Registered: ‎03-22-2013
Kudos: 4
Solutions: 1

Re: AirRouter security non existent ?

[ Edited ]

"One entire line of Linksys devices were hackable even with password changes" - Same as Ubiquiti, you didn't need a user name or password to access the router from outside.

 

My Airrouter had 5.5.8 on it, and when I would do "check for updates" on the router it would say I had the latest firmware.  The patch would have been in 5.5.11 out the end of July last year.  But the router was happy to say it was up to date.

 

I got my firmware updated and couldn't find the way to disable remote access to the management interface.  I sent a "contact us email" to Ubiquiti asking where I could turn off remote access to the router.  The reply from support was - sorry, there is no way to do that, you can only reboot or reset the router.  Huh?  I have of course since found the checkbox.

 

Back in August/September/October/November/... when routers were being hacked and the vunerability was known by Ubiquiti and firmware fixed, did they email customers, or post on their blog, or post on their forums to warn customers?  I don't see it until just recently.

 

So, Jim, do you think that is awesome support by Ubiquiti?

 

All over the forums and internet are folks with issues related to the vunerability, some with hundreds of units, and they are having issues and posting those problems to this day.  Guess they are all idiots just like me.  Glad you are so much smarter.

 

 

 

 

 

 

Highlighted
Regular Member
Posts: 631
Registered: ‎01-08-2015
Kudos: 114
Solutions: 9

Re: AirRouter security non existent ?

Be a part of the solution, not the problem.  ^^ Go buy another product and leave the Ubiquiti forums clean if your not happy.

Reply